...
No | Work item | Responsible | Comment | Status | |||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | Preparation of documentation | ||||||||||||
Service Description | -Development team prepares -SO signs off | Marina to give a try to document - talk to Outreach person for SPs Laura Paglione. She will be working to adapt the documentation from the github into docs that SPs can use. Marina to peer with her, and give her direct feedback - include Heather in this conversation as well. |
| ||||||||||
don | Service policy (Terms of use, SLA) | -Development team prepares -SO signs off | Terms of use are out of scope for service delivered by GEANT. It is responsibility of seamlessaccess.org. Example from InAcademia https://inacademia.org/service-policy/, and eduroam https://www.eduroam.org/wp-content/uploads/2016/05/GN3-12-192_eduroam-policy-service-definition_ver28_26072012.pdf Marina can check if there is something additional in the contract - especially about who responsibility it is to support the end-users. SLA should be defined between seamlesaccess.org and GEANT. The beta service should be best effort (there could be some tension with the publishers though ) For the beta service, there is an MoU which is being signed. (update from 16 July - orcid the last one to sign, it should be done this week) |
This should be done for the production service. The beta service is to test this out. | |||||||||
Branding and Visibility | -Development team prepares -SO signs off | This is probably not relevant to the part of the service delivered by GEANT. It is responsibility of seamlessaccess.org Info from July 2019 from Heather: There will be a website soon - we now have a UX person contracted (Sean, Chicago), and that’s one of the things on his plate |
| ||||||||||
Operational Requirements | -Development team prepares -SO signs off | Seamless Access Operational Requirements Marina to check if anything needs to be updated or what is missing. |
| ||||||||||
OLA | -Development team prepares -SO and GEANT T&I operation support/Core team sign off | Seamless Access Operational Level Agreements (- OLA) This is between SUNET and GEANT.Marina to set this up based on the InAcademia OLA. Draft OLA was defined and is within SUNET NOC for approval |
| ||||||||||
Deployment architecture | -Development team prepares -SO signs off | Seamless Access Deployment Architecture Marina to set this up based on the OLA. |
| ||||||||||
Operational documentation and processes | -Development team prepares -SO signs off | Seamless Access Operational DocumentationChange management, Incident response, Deployment manual etc.. Documentation |
| ||||||||||
User documentation | Who is responsible for this? |
| |||||||||||
User support | Who is responsible for this? | In scope for seamless access. |
| ||||||||||
GDPR - data inventory, privacy notice, DPA | -GDPR team +SO + technical architect -GDPR accountable and SO signs off | GDPR evaluation was done and conclusion is that Seamless Access does not process any personal data. |
| ||||||||||
2 | Test and validation | ||||||||||||
Make a test plan | Development team and Test team prepares | Pen/Security done by DFN cert. Additional testing could be done as well if skilled javascript testers can be found. Talk to Marcin and understand the requirements for testing first. Code testing would be needed as well. - Marina to check with Marcin what can be done, and ask for the schedule. This is all Leifs code - we need to pull him in where he sees that testing is needed, when it will be available for testing. Pen/Security would be needed - Marina can check with the project if we can get somebody from carnet and DFN to do. From the MoU: Implement and test the Beta service to ensure its stability, functionality, security, usability, broad applicability, and fitness for purpose as described in this MoU. |
| ||||||||||
3 | IPR compliance checking | ||||||||||||
IPR compliance | IPR accountable + SO + technical architect Route the request through GEANT T&I operation support/Core team To whoom the IPR belongs to ? Needs discussion. | GEANT IPR coordinator has signed off the IPR. Note that was given on 6th December 2019: "Update regarding the scanning of the code provided https://github.com/TheIdentitySelector in most of the files no source/binary files were detected, consequently no licence/vulnerabilities were detected…In the js-storage-master file there were 3 licences detected (MIT licences) – as this is permissive licence, there are no further issues with it." |
| ||||||||||
4 | GDPR compliance checking | GDPR accountable | |||||||||||
Data inventory and mapping | -GDPR team +SO + technical architect -GDPR accountable and SO signs off | Seamless Access Data Processing Conclusion is that SA doesn't process any personal data, so Data Inventory and Mapping are not needed Hopefully this will be easy as the service is privacy perserving. The only one could be the IP address. Marina will ask will start with the data inventory and reslove the ip address question as well. |
| ||||||||||
Privacy notice and DPA | -GDPR team +SO + technical architect -GDPR accountable and SO signs off | Not needed. |
| ||||||||||
5 | Operational team establishment | ||||||||||||
Appoint service owner | WP5 leaders | Done. The service owner is responsible for service as delivered via GEANT project. |
| ||||||||||
Define roles, skills, manpower needed | Development team | We need to check this with what seamlessaccess.org, but if we deliver a service then it is our internal matter. |
| ||||||||||
Appoint operational team members | Service Owner | Done |
| ||||||||||
6 | Operational team training | ||||||||||||
Training the operational team | Not needed |
| |||||||||||
7 | Support team establishment | ||||||||||||
Establish the support team | Will be provided by seamless access, out of scope for GEANT |
| |||||||||||
8 | Support team training | ||||||||||||
Training of the support team | Will be provided by seamless access, out of scope for GEANT |
| |||||||||||
9 | Deployment in production environment | ||||||||||||
Monitoring set up | Operations team based on the requirements from the technical lead and SO SO signs off when implemented | Seamless Access Monitoring and Reporting https://status.seamlessacccess.org Need to define which kind of metrics we can take so that we measure how much the service is used. Marina and Heather need to talk to Leif. Can we do something in monitoring to support the MoU: Implement and test the Beta service to ensure its stability, functionality, security, usability, broad applicability, and fitness for purpose as described in this MoU. Gather evidence on the utility of the Beta service and its impact in current access workflows with respect to the goals of the Coalition |
| ||||||||||
Back-up and restore | Operations team based on the requirements from the technical lead and SO SO signs off when implemented | Not needed |
| ||||||||||
VMs | Operations team based on the requirements from the technical lead and SO SO signs off when implemented | One PoP is Two nodes are provided by SUNET. Second PoP will be deployed Two nodes are operated on AWS, in two different regions. |
| ||||||||||
Deployment | Operations team based on the requirements from the technical lead and SO SO signs off when implemented | Deployment is completed on SUNET nodes. In progress is deployment on AWS nodes. |
| ||||||||||
CDN | ? | Provided by Fastly. The bill is currently picked up by SUNET, but this should move to GEANT. |
| ||||||||||
10 | Service Promotion | ||||||||||||
NA, responsibility of the seamless access | Will be provided by seamless access, out of scope for GEANT. Outreach person for SPs Laura Paglione (laura@seamlessaccess.org). Feel free to reach out to her if you have questions or ideas. |
| |||||||||||
11 | PLM Documentation | ||||||||||||
TBD if applicable |
|
...